CVE-2021-43985 : What You Need to Know
Critical CVE-2021-43985 impacts mySCADA myPRO <= 8.20.0, allowing unauthenticated remote access. Upgrade to Version 8.22.0 for mitigation.
An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any form of authentication or authorization.
Understanding CVE-2021-43985
Vulnerability in mySCADA myPRO Versions 8.20.0 and earlier allows unauthenticated remote access without authentication or authorization.
What is CVE-2021-43985?
CVE-2021-43985 is a critical vulnerability in mySCADA myPRO versions 8.20.0 and below, enabling unauthenticated remote attackers to access the system without proper authorization.
The Impact of CVE-2021-43985
This vulnerability has a CVSS base score of 9.1 (Critical) with high confidentiality and integrity impacts. An attacker can exploit it remotely without any user interaction.
Technical Details of CVE-2021-43985
The technical details of the CVE-2021-43985 vulnerability are as follows:
Vulnerability Description
The flaw allows unauthenticated remote attackers to access mySCADA myPRO versions 8.20.0 and earlier without authentication or authorization.
Affected Systems and Versions
- Product: myPRO
- Vendor: mySCADA
- Versions affected: <= 8.20.0
Exploitation Mechanism
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
Mitigation and Prevention
To protect systems from CVE-2021-43985, the following steps are recommended:
Immediate Steps to Take
- Upgrade to mySCADA Version 8.22.0 or higher
- Contact mySCADA technical support for more information
Long-Term Security Practices
- Implement strong authentication mechanisms
- Regularly monitor and audit network access
- Conduct security training for users and administrators
Patching and Updates
- Apply security patches promptly
- Keep software and systems up to date